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Cloud  Computing  is  emerging  technology  which  consist  of  existing  techniques  combined  with  new  technology 
paradigms.  In  this  new  technology  shared  resources  like  software's,  hardware's  and  information  is  provided  to  its  users  and 
other  peoples  on  internet  whenever  demanded. 

Today's  world  relies  on  cloud  computing  to  store  their  public  as  well  as  some  personal  information  which  is 
needed  by  the  user  itself  or  some  other  persons.  Cloud  service  is  any  service  offered  to  its  users  by  cloud.  As  cloud 
computing  comes  in  service  there  are  some  drawbacks  such  as  privacy  of  user's  data,  security  of  user  data  is  very 
important  aspects. 

In  this  paper  we  are  focusing  to  enhance  the  data  security  in  cloud  computing  using  3D  framework  and  digital 
signature  with  RSA  Encryption  algorithm.  In  3D  frameworks,  at  client  side  user  select  the  parameters  reactively  between 
Confidentiality,  Integrity  &  Availability  and  before  actual  storing  the  data  in  cloud  a  digital  signature  is  created  using 
MD  5  Algorithm  and  then  RSA  Encryption  algorithm  is  applied  then  it  stored  on  cloud. 
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Cloud  computing  is  a  model  for  enabling  ubiquitous,  convenient,  on  demand  access  to  shared  pool  of  computing 
resources  that  can  rapidly  provisioned  and  released  with  minimal  management  efforts.  Cloud  computing  is  a  practical 
approach  to  experience  direct  cost  benefits  and  it  has  potential  to  transform  a  data  center  from  a  capital  intensive  set  up  to  a 
variable  priced  environment  [5].  Nowadays  cloud  computing  has  becoming  IT  buzzword  for  its  implementation  in  last  few 
years  [1].  Cloud  computing  is  a  term  which  is  often  used  with  synonyms  like  grid  computing,  cluster  computing, 
distributed  computing,  autonomic  computing.  Not  only  this  makes  researchers  to  make  some  modifications  in  the  existing 
cloud  structure,  invent  new  model  cloud  computing  and  much  more  but  also  there  are  some  extensible  features  of  cloud 
computing  that  make  him  a  super  power. 

Features  of  Cloud  Computing 

•  Scalability:  Cloud  computing  is  scalable.  That  is  whenever  we  need  more  resources  we  can  add  it  to  the  cloud 
anytime.  That  is  Cloud  computing  is  infinite  pool  of  resources  [6]. 

•  Environment  Friendly:  Cloud  computing  makes  efficient  use  of  hardware  which  helps  to  reduce  energy  cost  [6]. 

•  Cost  Efficient:  Major  feature  and  advantage  of  cloud  computing  is,  it  is  cost  efficient.  We  have  to  pay  that  much 
amount  which  we  used  just  like  electricity  bill  [6]. 
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•  Up  to  Date:  we  need  not  to  worry  about  the  updates  to  the  software's  and  hardware's  that  we  are  using  in  the 
cloud.  The  provider  is  responsible  for  the  overall  update  process  of  all  the  components  [6]. 

•  Improved  Performance:  Whenever  we  need  some  high  configuration  resources  it  will  be  available  to  the  user  on 
its  demand  [6]. 

Now,  we  come  to  know  some  basics  about  cloud  computing,  but  we  still  we  don't  know  how  cloud  computing 
works?  So  let's  closer  look  about  cloud  computing  architecture  [15]. 

CHALLENGES  IN  CLOUD  COMPUTING 

Although  virtualization  and  cloud  computing  can  help  companies  accomplish  more  by  breaking  the  physical 
bonds  between  an  IT  infrastructure  and  its  users,  heightened  security  threats  must  be  overcome  in  order  to  benefit  fully 
from  this  new  computing  paradigm.  This  is  particularly  true  for  the  SaaS  provider.  Some  security  concerns  are  worth  more 
discussion  [2]. 

With  the  cloud  model,  you  lose  control  over  physical  security.  In  a  public  cloud,  you  are  sharing  computing 
resources  with  other  companies.  In  a  shared  pool  outside  the  enterprise,  you  don't  have  any  knowledge  or  control  of  where 
the  resources  run.  Exposing  your  data  in  an  environment  shared  with  other  companies  could  give  the  government 
"reasonable  cause"  to  seize  your  assets  because  another  company  has  violated  the  law.  Simply  because  you  share  the 
environment  in  the  cloud,  may  put  your  data  at  risk  of  seizure.  Storage  services  provided  by  one  cloud  vendor  may  be 
incompatible  with  another  vendor's  services  should  you  decide  to  move  from  one  to  the  other.  Data  integrity  is  assurance 
that  the  data  is  consistent  and  correct.  Ensuring  the  integrity  of  the  data  really  means  that  it  changes  only  in  response  to 
authorized  transactions  [16].  Following  are  the  major  challenges  in  the  cloud  computing: 

•  Data  Protection 

•  Data  Recovery  and  Availability 

•  Handling  Failures 

•  Security  and  Trust  Issues 
3D  FRAMEWORK 

Cloud  computing  is  emerged  as  the  modern  technology  which  developed  in  last  few  years,  and  considered  as  the 
next  big  thing,  in  the  years  to  come.  Since  it  is  new,  so  it  requires  new  security  techniques  and  face  new  challenges  as  well 
to  improve  its  performance.  Today  cloud  growing  and  gets  growing  up  so  it  becomes  major  part  of  IT  industry  now. 
Cloud  computing  is  widely  accepted  as  adoption  of  virtualization,  SO  A  and  utility  computing  [1]. 

There  are  different  issue  and  challenges  with  each  cloud  computing  technology.  The  various  security  concerns 
and  upcoming  challenges  are  addressed  in  the  book  named  Cloud  Computing  Security  Issues  and  Challenges  by 
Balchandran  Reddy.  Until  now  there  is  no  such  standard  is  available  regarding  service  or  operational  functioning,  and  its 
security  is  a  major  concern.  There  are  also  the  architectural  security  issues  which  are  changing  according  to  various 
architectural  designs  functioning  over  cloud  computing  [1]. 

Cloud  computing  providing  services  in  layered  medium,  so  there  must  be  some  SLA  (Service  Level  Agreement) 
or  service  management,  must  be  applied  over  the  layers,  which  eventually  increase  the  confidence  of  the  user  [1]. 
Data  security  over  the  cloud  also  a  major  concern  and  various  methodologies  are  proposed  also  privacy  preserving  auditing 


Cloud  Data  Security  Using  Encrypted  Digital  Signature  &  3D  Framework 


115 


for  the  data  storage  security  in  cloud  computing  raising  the  concern  over  the  privacy  related  issues  in  data  storage  such  that 
no  critical  information  can  be  intercepted  as  recently  a  case  happened  with  Wiki  leaks,  over  the  security  of  the  data  [1]. 

Problem  Description 

Today  cloud  computing  make  everything  flexible  and  easier  but  there  is  another  aspect  that  is  what  about  security 
of  user's  data?  Is  cloud  computing  in  current  scenario  is  providing  confidentiality,  integrity  and  being  regulated  by 
compliance  like  Data  Protection  Act  [1].  Through  cloud  computing  the  resource  are  centralized,  so  the  exposure  factor 
proportionally  increase  which  results  in  risk.  So  it  is  necessary  to  put  a  countermeasure  to  mitigate  the  potential  risk. 

In  3  Dimensional  securities  scheme,  when  client  uploads  the  data  over  the  cloud  classifies  it  on  the  basis  of  its 
security  level.  The  data  is  classified  based  on  3  parameters  Confidentiality,  Integrity  &  Availability  (CIA)  [1]. 
Confidentiality  means  up  to  what  level  data  should  kept  secured  on  the  cloud.  Integrity  provides  assurance  that  data  is  not 
altered  but  is  accurate.  Reliability  means  correct  data  is  given  output  to  valid  users.  These  parameters  decide  the  level  of 
security  provided  on  a  particular  data.  The  3  Dimensional  frameworks  are  explained  with  following  example. 

Suppose  a  businessman  wants  to  upload  his  information  on  the  cloud.  Thus  while  giving  input  as  data  to  the  cloud 
he  has  to  categorize  that  data  on  the  level  of  security  using  parameters  of  CIA  (Confidentiality,  Integrity  and  Availability) . 
The  data  is  of  any  type.  Data  for  example  his  contact  numbers  must  be  uploaded.  He  decides  to  give  less  security  for  this 
data  as  they  are  not  almost  important  such  data  of  low  level  of  security  goes  in  protection  ring  level  3. 

Data  like  his  schedule  of  meeting  which  has  a  little  more  level  of  security  counts  in  the  protection  ring  2.  While 
data  like  his  bank  account  number,  PAN  card  number  etc.  which  has  highest  level  of  security  are  kept  in  protection  ring 
level  1  [1]. 


Figure  1:  Example  of  a  Figure  Caption 

3  Dimensional  gives  facility  to  the  user  to  categorize  data  according  to  its  security  levels.  Thus  common  data 
which  can  be  kept  public  to  all  users  need  not  require  high  security  schemes.  Data  categorized  thus  have  increase  the  level 
of  security  of  access. 

Algorithm 
Stepl 

Input:  User  should  provide  the  data  as  input  along  with  parameters  of  security  levels  i.e.  CIA.  Users  have  the 
choice  to  select  the  parameters  between  CIA  parameters.  User  data,  protection  ring,  arrays  D,  C,  I,  A,  S,  R  of  n  integer 
size  [1]. 

Step  2 

Output:  Data  gets  categorized  into  various  rings  i.e.  ring  1,  ring  2,  and  ring  3.  This  helps  in  providing  different 
levels  of  access  to  different  categories  of  data.  Define  data  protection  ring  D  [  ]  array  of  n  size. 
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Step  3 

for  i=l  to  n  //input  the  values  of  CIA 
{ 

C[i]  rvalue  for  ith  data 
I[i]  <— value  for  ith  data 
A[i]  <—  value  of  ithdata 
} 

Step  4 

For  i=l  to  n  /*assume  rings  3  and  protection  levels  from  1  to  10  selected  manually  by  client  while  uploading 

files*/ 

If  (C[i]>6  and  I[i]>6)  then 
Ring  level=  1  (high) 
Else 

Calculate  new  average  term  CI  of  both  C  and  I 
CI=(C[i]  +I[i])/2 
Goto  step  5 

Step  5 

For  i=l  to  n 

If  (CI>3  and  CI<5  and  A[i]  <5)  then 
Ring  level  2(Mid) 
If  (CI>3  and  CI<5  and  A[i]>5)  then 
Ring  level  3  (Low) 
If  (CI>=1  and  CI<3)  then 
Ring  level  3  (Low) 
Time  Complexity 

O  (n)  Best  case 
O  (3n+)  Worst  case 

In  above  algorithm,  the  first  job  of  the  user  is  to  categorize  it  on  the  basis  of  confidentiality,  integrity  and 
availability.  Here  D  [  ]  represents  data,  now  the  user  have  to  give  the  value  of  C-  confidentiality  I-  integrity  and 
A-  availability.  After  Appling  proposed  formula  the  value  of  Cr  criticality  raring  is  calculated.  Now  allocation  of  data  on 
the  basis  of  Cr  is  done  in  protection  ring.  This  suggests  that  internal  protection  ring  is  very  critical  and  it  require  more 
security  technique  to  ensure  confidentiality  [1].  After  applying  above  the  user  are  required  to  register  itself.  And  whenever 
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the  user  access  the  data  he  /  she  have  to  give  username  if  it  matches  then  it  redirected  to  company  for  authentication. 
Now  here  the  user  is  required  to  give  password  for  corresponding  password.  If  the  user  get  validated,  it  redirect  to  cloud  to 
access  resource  [1]. 

This  technique  provides  a  new  way  to  authenticate  in  3  dimensional  approaches.  It  provides  availability  of  data  by 
overcoming  many  existing  problem  like  denial  of  services,  data  leakage.  As  additional  it  also  provides  more  flexibility  and 
capability  to  meet  the  new  demand  of  today's  complex  and  diverse  network  [2]. 

PROPOSED  ALGORITHM 

RSA  is  a  public  key  algorithm  invented  in  1977  by  3  scientists  Ron  Rivest,  Adi  Shamir,  Leonard  Adleman  (RSA). 
RSA  is  most  widely  used  public  key  algorithm  over  internet  RSA  is  capable  of  supporting  encryption  and  digital 
signatures.  RSA  gets  its  security  by  integer  factorization  problem.  RSA  is  relatively  very  easy  to  understand  and 
implement  [10]. 

Today  RSA  is  used  worldwide  to  encrypt  the  data  which  is  confidential  and  RSA  gives  best  security  policy  that's 
why  all  the  service  providers  such  as  Gmail,  hotmail,  media  fire  etc.  are  using  RSA  algorithm  to  ensure  their  users  full  of 
confidentiality.  RSA  is  also  used  in  some  security  protocols  to  ensure  security  and  the  protocols  are  [10]: 

IPSEC/IKE:  IP  Data  Security 

TLS/SSL:  Transport  Layer  Security 

PGP:  Email  Security 

SSH:  Terminal  Connection  Security 

SILC:  Conferencing  Service  Security 
Step  1:  Key  Generation 

Declare  e  as  encryption  exponent  and  d  as  decryption  exponent. 

p,  q «—  Integer  numbers. 

n<— Modulus  for  keys. 

0  (n)  *—  Euler's  Totient. 

e  <— Public  key  exponent. 
Step  2:  Compute  Values 

Choose  two  distinct  large  prime  numbers  p  &q  (Random  prime  no  generation  algorithm). 

•  Compute  n=p*q 

•  Compute  0(n)=(p-l)(q-l). 

•  Choose  e  such  that  l<e<  0(n) 

•  Compute  d*e=l 

•  Public  key  is  (n,  e),private  key  is  (n,  d) 
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Step  3:  Digital  Signing 

•  Sender  A  create  message  digest  of  information  using  hash  function  (MD5) 

•  Hash  Function 

o     Declare  character,  str'  of  unsigned  long  type, 
o     Declare  &  initialize  hash  of  unsigned  integer  type, 
o     Unsigned  int  hash=0 
intq. 

While  (q=str+l) 
Hash=hash+q; 

•  Represent  this  digest  as  integer  m&  it  is  having  value  between  0  to  n-1 

•  Uses  private  key  (n,  d)  to  compute  the  signature 
S=md  mod  n 

•  Send  signature  S  to  the  recipients 
Step  4:  Encryption 

•  Sender  A  obtain  receiver  B's  public  key  (n,  e) 

•  Plaintext  message  as  integer  m 

•  Compute  cipher  text  c=me  mod  n 

•  Sends  this  message  (cipher  text)  to  B 
Step  5:  Decryption 

•  Uses  his  private  key  (n,  d)  to  compute  m=cd  mod  n 

•  Extract  plain  text 
Step  6:  Signature  Verification 

•  Receiver  uses  senders  public  key  (n,  e)  to  compute  V=Se  mod  n 

•  Extract  message  digest  from  integer  V 

•  Independently  computes  the  message  digest  of  the  information  that  has  been  signed. 

•  If  both  are  identical  the  signature  is  valid 
Time  Complexity 

Best  Case:  O  (n) 
Worst  Case:  O  (n2) 
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OTP  (ONE  TIME  PASSWORD) 

A  onetime  password  (OTP)  is  generated  without  connecting  the  client  to  the  server  [3].  The  mobile  phone  will  act 
as  a  token  and  use  certain  factors  unique  to  it  among  other  factors  to  generate  a  one-time  password  locally.  The  server  will 
have  all  the  required  factors  including  the  ones  unique  to  each  mobile  phone  in  order  to  generate  the  same  password  at  the 
server  side  and  compare  it  to  the  password  submitted  by  the  client.  The  client  may  submit  the  password  online  or  through  a 
device  such  as  an  ATM  machine.  A  program  will  be  installed  on  the  client's  mobile  phone  to  generate  the  OTP  [3]. 

In  order  to  secure  the  system,  the  generated  OTP  must  be  hard  to  guess,  retrieve,  or  trace  by  hackers.  Therefore,  it's 
very  important  to  develop  a  secure  OTP  generating  algorithm.  Several  factors  can  be  used  by  the  OTP  algorithm  to  generate 
a  difficult-to-guess  password.  Users  seem  to  be  willing  to  use  simple  factors  such  as  their  mobile  number  and  a  PIN  for 
services  such  as  authorizing  mobile  micropayments  [3]. 

OTP  Parameters 
IMEI  Number 

The  term  stands  for  International  Mobile  Equipment  Identity  which  is  unique  to  each  mobile  phone  allowing  each 
user  to  be  identified  by  his  device.  This  is  accessible  on  the  mobile  phone  and  will  be  stored  in  the  server's  database  for 
each  client  [3]. 

IMSI  Number 

The  term  stands  for  International  Mobile  Subscriber  Identity  which  is  a  unique  number  associated  with  all  GSM 
and  Universal  Mobile  Telecommunications  System  (UMTS)  network  mobile  phone  users.  It  is  stored  in  the  Subscriber 
Identity  Module  (SIM)  card  in  the  mobile  phone.  This  number  will  also  be  stored  in  the  server's  database  for  each 
client  [3]. 

Username 

Although  no  longer  required  because  the  IMEI  will  uniquely  identify  the  user  anyway.  This  is  used  together  with 
the  PIN  to  protect  the  user  in  case  the  mobile  phone  is  stolen  [3]. 

PIN 

This  is  required  to  verify  that  no  one  other  than  the  user  is  using  the  phone  to  generate  the  user's  OTP.  The  PIN 
together  with  the  username  is  data  that  only  the  user  knows  so  even  if  the  mobile  phone  is  stolen  the  OTP  cannot  be 
generated  correctly  without  knowing  the  user's  PIN.  Note  that  the  username  and  the  PIN  are  never  stored  in  the  mobile's 
memory.  They  are  just  used  to  generate  the  OTP  and  discarded  immediately  after  that  [3]. 

Hour 

This  allows  the  OTP  generated  each  hour  to  be  unique  [5]. 

Minute 

This  would  make  the  OTP  generated  each  minute  to  be  unique;  hence  the  OTP  would  be  valid  for  one  minute  only 
and  might  be  inconvenient  to  the  user.  An  alternative  solution  is  to  only  use  the  first  digit  of  the  minute  which  will  make 
the  password  valid  for  ten  minutes  and  will  be  more  convenient  for  the  users,  since  some  users  need  more  than  a  minute  to 
read  and  enter  the  OTP.  Note  that,  the  software  can  be  modified  to  allow  the  administrators  to  select  their  preferred  OTP 
validity  interval  [5]. 
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Day 

Makes  the  OTP  set  unique  to  each  day  of  the  week. 
Year/Month/Date 

Using  the  last  two  digits  of  the  year  and  the  date  and  month  makes  the  OTP  unique  for  that  particular  date  [3]. 

PERFORMANCE  EVALUATION 

Models  for  delivering  information  technology  services  in  which  resources  are  retrieved  from  the  internet  through 
web  based  tools  and  applications,  rather  than  a  direct  connection  to  a  server.  Data  and  software  packages  are  stored  in 
servers.  However,  cloud  computing  structure  allows  access  to  information  as  long  as  an  electronic  device  has  access  to  the 
web  [18].  In  cloud  computing  technology  data  and  resources  are  shared;  hence  there  is  a  threat  of  accessing  of  data  by 
invalid  users.  Initially,  the  access  to  the  cloud  was  not  secure  because  credentials  such  as  username  and  password  were 
required  to  access.  Any  invalid  user  tries  to  make  login  to  the  system  using  other's  account  then  he  is  able  to  access  the 
data  [14]. 

Security  policies  like  3  dimensional  framework  enables  to  categorize  data  into  different  security  levels.  Digital 
signature  is  very  strong  authentication  scheme  for  verifying  that  only  valid  user  who  is  liable  to  access  can  access  the  file. 
RSA  is  strongest  public  key  encryption  algorithm  used  over  the  internet  now  a  day.  RSA  is  one  of  the  algorithms  having 
asymmetric  key  encryption  policy.  Any  invalid  user  accessing  encrypted  data  then  it  is  hard  to  interpret  [10].  Security  of 
cloud  is  enhanced  by  using  3  Dimensional  Framework,  Digital  Signature,  RSA  Encryption  Algorithm  and  Two  Factor 
Authentication  Schemes. 

CONCLUSIONS 

The  cloud  is  a  next  generation  platform  that  provides  dynamic  resource  pools,  virtualization,  and  high  availability. 
Today,  we  have  the  ability  to  utilize  scalable,  distributed  computing  environments  within  the  confines  of  the  Internet, 
a  practice  known  as  cloud  computing  [2]. 

As  cloud  is  a  emerging  technology  there  are  some  areas  where  we  have  to  make  improvement.  Security  is  most 
important  aspect  today,  without  proper  security  policies  no  one  can  keep  their  data  on  the  cloud  safeguarded.  So  we  have  to 
improve  security  area  of  cloud  to  assure  user  about  his  privacy  regarding  his  data  on  the  cloud.  To  achieve  this  we 
implement  the  technique  of  3  dimensional  framework  along  with  Digital  signature  and  RSA  Encryption  Algorithm  to 
improve  security  one  step  ahead  [1][2]. 
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